From Security Weekly Wiki
Jump to navigationJump to search
1,937 bytes added ,  19:30, 19 January 2012
= Larry's Stories =
#[ SE Android] - [Larry] - From the builders of the SE Linux project (yes the NSA), we now have the SE Android project. It would be neat to see the adoption of the SE Android stuff into the Android kernel, much like the SE Linux stuff seeing integration into the generic kernel. Of course, I'm sure that it still does not include any FDE…
#[ Mixed case DNS?] - [Larry] - I'm not sure of what this really means yet. However what does camel case DNS queries do? this whole addition of the 0x20 bit encoding is interesting. Johannes says this might be good for additional spoof protection, but I'm wondering if there might be some options for abuse - IE the encoding into binary for data exfiltration.
#[ City College infected with some sort of data exfiltrating "virus" for 10 years. Appears to have been communicating with Russia, and appears to have started in a computer lab frequented by international students. First, how can they tell it goes back 10 years? Do they really have tcp traffic that goes back that far? Second, I love these quotes from one of the trustees:
Trustee Chris Jackson, also at the presentation, said he was concerned that City College has spent a lot of money on security over the years, but has gotten little in return.
"The most basic level of encryption for our computers was never put in place," he said. "That's unconscionable."
Peter Goldstein, the college's vice chancellor for finance, defended the college's past efforts at virus protection, saying the school had two firewalls.
#[ bypass linux screen locks] - [Larry] - Yay, poorly monitored git code commits. Want to disable screen locks? just hit CTRL ALT *…
= Jack's Stories =


Navigation menu